Silence after a security breach spells trouble for grocery chain

Customers of the St. Louis-based Schnucks grocery chain have discovered abuse of their credit and debit card info. Schnucks is staying mum. Bad idea.

By Tripp FrohlichsteinMarch 29, 2013

SHARE

Silence is golden—unless you are in a crisis. Then, silence is deafening.

Schnucks grocery stores (a regional chain based in St. Louis) is learning this lesson—and , in my opinion, unnecessarily so.

According to news reports, on March 15, 2013, shoppers began discovering that their credit and debit card information had been stolen and fraudulently used out of state.

Schnucks said nothing—nada, zilch, no comment. The news became public when KSDK (the St. Louis NBC affiliate) received an email about it from a shopper/viewer and started its probe.

Schnucks would say only that it was aware of the problem and was looking into it. No apology, no advice, no information.

A check of the Schnucks website and Facebook page showed no reference to the fraud.

The story continued to escalate as more and more people reported their card numbers stolen.

Channel 5 recently aired a story during its 5 p.m. and 6 p.m. newscasts. I was asked for comments about Schnucks’ lack of candor.

Schnucks issued a slightly more detailed statement for the story:

“Schnucks became aware on March 15 that some customers had noticed unauthorized charges on their card statements for credit cards they used at Schnucks. Schnucks immediately began to investigate these reports and has engaged outside experts, including a nationally recognized forensic firm, to assist. We are also cooperating with law enforcement authorities.”

The problem for Schnucks is significant. They are losing customers who are concerned about the lack of information. They are losing revenue as customers shop at competitors. They are losing customer loyalty as people likely feel betrayed by their longtime grocery store.

Despite the airing of that news story, Schnucks has not commented beyond its sterile statement. Not only do they remain silent with the media, they aren’t even talking directly to customers.

Amazingly, as of Wednesday night, its Facebook page was filled with customers’ complaints about the problem and requests for direction. Schnucks has ignored every one. Yet if someone writes to thank them for lower prices, they respond. This reticence about the apparent security breach is insensitive and inexcusable.

This is a typical comment (Dierberg’s is a competitor):

“I am 33 years old and have never experienced credit card fraud until last week when Amex called me to let me know someone in TX was using my card. I have several friends who were involved in this too. Just sad! Although it’s a little out of my way, I’m going to Dierberg’s from now on. Not worth the risk since we are not getting any assurance that this will not happen again.”

Or this:

“Sorry I won’t be able to take advantage of your sales this week. You see, my credit card got canceled because of your shenanigans with the hackers. It’ll take them days to ship me a replacement card. I’ve shopped with you guys for over 30 yrs. now. What a shame that you cannot even issue a statement reassuring us that we can safely use our cards there again. Or even wtf is going on. A news station shouldn’t have to dig this info out of you.”

As a Schnucks shopper, I posted this:

“Schnucks—do you realize the insensitivity you are showing customers on this page? You are ignoring the posts of shoppers concerned with the credit card fraud yet responding to people thanking you for savings. You can’t have it both ways. I met three people (Schnucks regulars) today who say they will not shop at Schnucks until they know more. So if you are worried about lawsuits, I recommend you start worrying about revenue you are losing right now. Really just trying to help-please communicate with your customers and community!”

There is also no reference to the situation (that I can find) on their website. At the top of the page, it says “Latest Communications.” What are they telling the audience? As of the evening of March 27, here’s the latest “communication.”

Schnucks Hosting Job Fair for all St. Louis Metro Area Stores and Positions

Grippo Foods Recalls Potato Chips

La Preferida Recalls Select Cans of Whole Pinto Beans

Schnucks was a client of mine several years ago. It is managed by professionals who really do care about customers. Sadly, someone else appears to be calling the shots. If so, let’s hope management remembers its roots.

First, they owe people an apology. Actually, two. They owe one apology to the victims of the fraud, and the other to all their customers for failing to keep them informed and for providing no direction or advice.

The key lesson is the importance of communication. People probably won’t blame the company for the fraud, but they will blame the company for mishandling the situation once it was discovered.

Tripp Frohlichstein is founder of MediaMasters. His firm specializes in media and presentation coaching, along with message development and message mapping. Contact him at www.mediamasterstraining.com or email tr3@aol.com.